You're reading from  Ansible for Real-Life Automation

Product type: Book
Published in: Sep 2022
Publisher: Packt
ISBN-13: 9781803235417
Edition: 1st Edition
Author: Gineesh Madapparambath

Gineesh Madapparambath has over 15 years of experience in IT service management and consultancy with experience in planning, deploying, and supporting Linux-based projects. He has designed, developed, and deployed automation solutions based on Ansible and Ansible Automation Platform (formerly Ansible Tower) for bare metal and virtual server building, patching, container management, network operations, and custom monitoring. Gineesh has coordinated, designed, and deployed servers in data centers globally and has cross-cultural experience in classic, private cloud (OpenStack and VMware), and public cloud environments (AWS, Azure, and Google Cloud Platform). Gineesh has handled multiple roles such as systems engineer, automation specialist, infrastructure designer, and content author. His primary focus is on IT and application automation using Ansible, containerization using OpenShift (and Kubernetes), and infrastructure automation using Terraform.
Managing Containers Using Ansible

Since the introduction of containerization, organizations have been able to deploy applications faster and accelerate release cycles with frequent updates and deployments. However, containerizing applications involves more steps than traditional server-based deployments. For example, you need to ensure that the packaged container image works as expected, security standards are in place, volume mounting is working, secrets are safe inside, and more. When you have more frequent application releases, automating such container build and deployment tasks will help you implement better CI/CD workflows and save time on manual processes.

With the Ansible collections for container management, we can manage the entire life cycle of our containers. This includes building them, pushing them to the registry, scanning them for vulnerabilities, and deploying them.

In this chapter, we will cover the following topics:

  • Managing the container...

Technical requirements

You will need the following technical requirements for this chapter:

  • A Linux machine for the Ansible control node (with internet access)
  • A Linux machine for installing and configuring Docker
  • Access to a Docker container registry (hub.docker.com)
  • Basic knowledge about containers and container registries (Docker or Podman)

All the Ansible code and playbooks, as well as the commands and snippets, for this chapter can be found in this book’s GitHub repository at https://github.com/PacktPublishing/Ansible-for-Real-life-Automation/tree/main/Chapter-10.

Managing the container host

Various types of container software are available, such as Docker and Podman. In this chapter, we will be using Docker to explain and demonstrate container management using Ansible. We will be using Docker Community Edition (CE), which is free, though you can use Docker Enterprise Edition (EE) if needed.

Ansible Docker prerequisites

To use the Ansible Docker modules, you must install the docker library, which you can do using Python pip or standard package managers such as yum (yum install python-docker-py) or dnf, if available. If you are using an old version of Python (2.6), then you should install and use the old library called docker-py.

Installing Docker on the host using Ansible

Installing Docker software on a host involves multiple steps and configurations. These steps can be completed manually or we can use the Ansible role available in Ansible Galaxy. We will be using the community Ansible role called geerlingguy.docker (https://github...

Ansible, containers, and CI/CD

Containerizing applications will give you more options for integrating, delivering, and deploying them since most of the tools support automated builds, tests, and executions. A typical containerized application workflow can be seen in the following diagram:

Figure 10.6 – Typical CI/CD tasks in a Docker-based deployment

Most of the tasks in the preceding diagram can be automated using Ansible, as the Ansible collections for Docker and Podman contain several modules to support building, running, and managing containers on your container host. You can either implement the entire workflow using Ansible or use Ansible with your favourite CI/CD tools and execute the tasks more flexibly. You will learn how to integrate Ansible with Jenkins in Chapter 12, Integrating Ansible with Your Tools.

In the next section, you will learn how to manage containers using Ansible and manage the container life cycle.

Managing containers using Ansible

The Ansible collection, community.docker (https://galaxy.ansible.com/community/docker), contains more than 25 Ansible modules and ~10 plugins for connection, inventory, and more. These modules will help you manage containers, container images, images in the container registry, the Docker network, Docker volumes, Docker swarm, and other container-based operations.

If you are using Podman, then check out the containers.podman collection (https://galaxy.ansible.com/containers/podman) in Ansible Galaxy.

In the upcoming sections, you will learn how to build, start, and manage containers using Ansible.

Installing the Ansible Docker collection

Installing a collection is straightforward, as you learned in the previous chapters:

  1. Update your ansible.cfg with the collection path:

Figure 10.7 – ansible.cfg with the collection and role paths

  2. Install the community.docker Ansible collection:
...

Managing container images using Ansible

As we learned from Figure 10.6, your integration stage will begin when the developers push the code or merge the branches in a Git repository. You can call the container build commands directly from your CI/CD tools, such as Jenkins or GitHub Actions. However, commands and pipeline tasks are unpredictable, so you will not have much control over the output and results. This is where you can utilize Ansible playbooks, as you have more flexibility and control over the build processes and outputs.

In the next few sections, you will learn how to create Docker container registry access, build container images using Ansible, and save the container images in the container registry.

Configuring Docker Registry access

Before pushing the latest images to the container registries, you need to log into the registry with your credentials. You can access Docker Registry using a username and password, but it is a best practice to use Access Tokens instead of passwords...
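
One way to log in with an access token rather than a password, shown as an added example that is not taken from the book or its GitHub repository. The `dockerhosts` group, the `registry_user` and `vault_registry_token` variables, the `vars/registry.vault.yml` file, the build path, and the image name are all assumptions.

```yaml
---
# Added example: registry login with an access token kept in Ansible Vault.
# Assumed names: dockerhosts, registry_user, vault_registry_token,
# vars/registry.vault.yml (an encrypted file created with ansible-vault).
- name: Build and push an image using a registry access token
  hosts: dockerhosts
  vars_files:
    - vars/registry.vault.yml        # encrypted; defines vault_registry_token
  vars:
    registry_user: exampleuser       # placeholder account name
    image_name: "{{ registry_user }}/demo-app"
    image_tag: "1.0.0"
  tasks:
    - name: Log in, push, and always log out afterwards
      block:
        - name: Log in to the registry with the access token
          community.docker.docker_login:
            username: "{{ registry_user }}"
            password: "{{ vault_registry_token }}"   # token, not the account password
          no_log: true               # keep the token out of task output and logs

        - name: Build the image from the Dockerfile and push it
          community.docker.docker_image:
            name: "{{ image_name }}"
            tag: "{{ image_tag }}"
            source: build
            build:
              path: /opt/demo-app    # assumed build context on the Docker host
            push: true
      always:
        - name: Log out so the credential is removed from the Docker config file
          community.docker.docker_login:
            state: absent
```

Run it with `ansible-playbook --ask-vault-pass` (or a vault password file) so the token is decrypted only at run time; scoping the token to the minimum permissions needed for a push limits the impact if it leaks.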

Managing multi-container applications using Ansible

In this section, you will use the well-known Content Management System (CMS) application stack known as WordPress (https://wordpress.org). The WordPress application is based on multiple application stacks, including PHP, a web server, and a database. The WordPress application is available as a container image (https://hub.docker.com/_/wordpress). For the database, we will deploy another container using MariaDB (https://hub.docker.com/_/mariadb).

Please refer to the Chapter-10/deploy-wordpress-on-docker.yaml file to see the Ansible playbook for deploying the WordPress CMS using Ansible. Follow these steps:

  1. We declared the essential parameters on top of the playbook, as shown in the following screenshot. Remember to store sensitive data such as database usernames and passwords using Ansible Vault (or Credential in Ansible Automation Controller) or other secret management services. These variables are then passed to the container...
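
A sketch of this kind of deployment with the credentials pulled from Ansible Vault, shown as an added example; it is not the book's deploy-wordpress-on-docker.yaml. The `dockerhosts` group, the container, network, and volume names, the image tags, the published port, and the `vault_db_*` variables in `vars/wordpress.vault.yml` are assumptions.

```yaml
---
# Added example: WordPress and MariaDB containers with vaulted credentials.
# Assumed: vars/wordpress.vault.yml is encrypted with ansible-vault and
# defines vault_db_root_password and vault_db_password.
- name: Deploy WordPress with a MariaDB backend
  hosts: dockerhosts
  vars_files:
    - vars/wordpress.vault.yml
  vars:
    db_name: wordpress
    db_user: wpuser
  tasks:
    - name: Create a dedicated network (the database port is never published)
      community.docker.docker_network:
        name: wp_net

    - name: Start the MariaDB container
      community.docker.docker_container:
        name: wp_db
        image: mariadb:10.11             # assumed tag; pin one you have tested
        networks:
          - name: wp_net
        volumes:
          - wp_db_data:/var/lib/mysql
        env:
          MARIADB_ROOT_PASSWORD: "{{ vault_db_root_password }}"
          MARIADB_DATABASE: "{{ db_name }}"
          MARIADB_USER: "{{ db_user }}"
          MARIADB_PASSWORD: "{{ vault_db_password }}"
        restart_policy: unless-stopped
      no_log: true                       # env values would otherwise be logged

    - name: Start the WordPress container
      community.docker.docker_container:
        name: wp_app
        image: wordpress:6               # assumed tag
        networks:
          - name: wp_net
        published_ports:
          - "8080:80"
        env:
          WORDPRESS_DB_HOST: wp_db       # resolved by name on wp_net
          WORDPRESS_DB_NAME: "{{ db_name }}"
          WORDPRESS_DB_USER: "{{ db_user }}"
          WORDPRESS_DB_PASSWORD: "{{ vault_db_password }}"
        restart_policy: unless-stopped
      no_log: true
```

Vault protects the values at rest and `no_log` keeps them out of Ansible output, but environment variables remain readable through `docker inspect` by anyone with access to the Docker daemon on the host.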

Summary

In this chapter, you learned how to install and configure Docker on a Linux machine using Ansible. Then, you learned how to pull an image from the container registry, and then start that container and stop it using Ansible modules. Finally, you learned how to use Ansible to build container images with a Dockerfile, as well as how to build application content and push a container image to the container registry. You also tested the newly built container images by running a container with Ansible modules. Knowing how to manage containers and container images using Ansible will help you implement better and more efficient CI/CD workflows and pipelines. Instead of struggling with the limited features in the CI/CD tools, utilize the flexibility of Ansible to add more validations, tests, and integrations to the container build process.

In the next chapter, you will learn how to manage containerized applications in Kubernetes and manage other Kubernetes resources and applications...

Further reading

To learn more about the topics that were covered in this chapter, take a look at the following resources:
